/usr/sbin/lua-choose-backend.lua

clien1 => CN=client1:group-gr1

clien2 => CN=client2:group-gr1

function choose_backend(txn)
– What logic to add to fetch CN from client side certificate and compare below ?

Fetch metadata from ssl_c_s_dn(cn) i.e. client1:group-gr1
Fetch the applicable group gr1 for client1
Fetch the backends for group gr1 i.e. bk1-gr1, bk2-gr1
backend = More logic to see which is least loaded backend bk1-gr1, bk2-gr1
backend will be bk1-gr1 or bk2-gr1
return backend
return "default"

I have backends grouped as gr1 and gr2
Client will send group details in CN field. The LUA should fetch group for client from CN and look into backends for this group and choose the backend by some logic (say least loaded) and return to config.

This is the reason I need to use LUA.
Please add how could this be done?

You don’t load balance between backends, you load-balance between servers of the same backend. Still no need for LUA, but I guess you have a specific use case requiring LUA you don’t want to talk about.

Since I don’t know how to do this with LUA, I will let the LUA experts handle this one then.